Adding and Selecting a Key Vault

You may now generate derivative keys in the Key Vault to be used by Forcepoint ONE SSE to encrypt data in applications.

1. Click the green plus icon to generate different keys per application or just use one across different apps or app instances as desired. Once created you can then renew your keys at any time using the Generate New Key button. Doing so will create a new Tenant Key that will be used for all new encryption operations. The old Tenant Keys will be retained for previously encrypted data.
   
   
   

   

2. To select the Key Vault you want to use in the cloud application, navigate to Protect > Policies and select the cloud application.
   
   
   
3. In the cloud app page (in this case box), click the App instance.
   
   
   
4. In the cloud app instance page, select the Key Vault dropdown near the bottom to choose which key you want to use that you created. Now you can enforce encryption inside of your application using the key from the Key Vault you selected.